Shoppers fret about authenticity of Target email

NEW YORK — An email sent to the roughly 70 million Target customers who may have been affected by a pre-Christmas data breach is causing panic among those who fear it could be an attempt to victimize them again.

Target says the email, which offers free credit monitoring services to potential victims of the breach, is legitimate. But the company has identified a handful of scammers who are trying to take advantage of the public's fear and confusion.

Consumers have been on edge since news of the data breach broke last month. And they've been warned to be on alert for possible followup attacks that could come in the form of phishing emails — electronic messages designed to implant malicious software on their computers or draw them to websites that prompt them to enter personal information.

So when Target's email began circulating this week, many recipients questioned its authenticity. The email was especially suspicious to people who say they haven't set foot in a Target store in years.

Jim Reid, 60, of Minneapolis said he was a little nervous about clicking on the link in the email, and he questioned whether it was a good idea to send Target even more personal information when the retailer was unable to protect it in the first place.

"There's too much uncertainty," Reid said. "They keep changing what they're saying about how many people were affected, about what kinds of information were stolen. It's obvious that they really don't know."

According to Target, hackers stole data related to 40 million credit and debit card accounts and also pilfered personal information, including the email addresses, phone numbers, home addresses and names of as many as 70 million customers.

Target spokeswoman Molly Snyder says it's those 70 million people that Target contacted by email. And while Target believes that the theft of the roughly 40 million debit and credit card numbers affected only cards swiped between Nov. 27 and Dec. 15, the 70 million people whose personal information was stolen could have last shopped at a Target store months, or even years, ago.

Meanwhile, consumers are right to be wary of emails purportedly sent by Target. Snyder said that in recent weeks, the retailer has stopped more than a dozen operations that sought to scam breach victims by way of email, phone calls and text messages.

Target says all of the letters it's sending to shoppers are posted on the company's website, along with information about what customers need to do to sign up for Target's free credit monitoring.